<?php

session_start();
session_destroy();
session_start();

// Configuração API SetExpressCheckout
$ENDPOINT = $_POST["ENDPOINT"];
$METHOD = $_POST["METHOD"];
$HDRIMG = $_POST["HDRIMG"];
$PAYMENTREQUEST_0_PAYMENTACTION = $_POST["PAYMENTREQUEST_0_PAYMENTACTION"];
$VERSION = $_POST["VERSION"];
$USER = $_POST["USER"];
$PWD = $_POST["PWD"];
$SIGNATURE = $_POST["SIGNATURE"];
$SUBJECT = $_POST["SUBJECT"];
$RETURNURL = $_POST["RETURNURL"];
$CANCELURL = $_POST["CANCELURL"];
$LOCALECODE = $_POST["LOCALECODE"];
$LANDINGPAGE = $_POST["LANDINGPAGE"];
// Dados financeiros/total da compra
$PAYMENTREQUEST_0_CURRENCYCODE = $_POST["PAYMENTREQUEST_0_CURRENCYCODE"];
$PAYMENTREQUEST_0_AMT = $_POST["PAYMENTREQUEST_0_AMT"];
$PAYMENTREQUEST_0_ITEMAMT = $_POST["PAYMENTREQUEST_0_ITEMAMT"];
$PAYMENTREQUEST_0_TAXAMT = $_POST["PAYMENTREQUEST_0_TAXAMT"];
$PAYMENTREQUEST_0_SHIPPINGAMT = $_POST["PAYMENTREQUEST_0_SHIPPINGAMT"];
//Informações Adicionais para controle do vendedor
$PAYMENTREQUEST_0_DESC = $_POST["PAYMENTREQUEST_0_DESC"];
$PAYMENTREQUEST_0_CUSTOM = $_POST["PAYMENTREQUEST_0_CUSTOM"];
$PAYMENTREQUEST_0_INVNUM = $_POST["PAYMENTREQUEST_0_INVNUM"];
// Informações sobre os itens de compra
//Item 1
$L_PAYMENTREQUEST_0_NAME0 = $_POST["L_PAYMENTREQUEST_0_NAME0"];
$L_PAYMENTREQUEST_0_DESC0 = $_POST["L_PAYMENTREQUEST_0_DESC0"];
$L_PAYMENTREQUEST_0_AMT0 = $_POST["L_PAYMENTREQUEST_0_AMT0"];
$L_PAYMENTREQUEST_0_NUMBER0 = $_POST["L_PAYMENTREQUEST_0_NUMBER0"];
$L_PAYMENTREQUEST_0_QTY0 = $_POST["L_PAYMENTREQUEST_0_QTY0"];
$L_PAYMENTREQUEST_0_ITEMCATEGORY0 = $_POST["L_PAYMENTREQUEST_0_ITEMCATEGORY0"];
//Informacoes Adicionais para o item 1
$L_PAYMENTREQUEST_0_TAXAMT0 = $_POST["L_PAYMENTREQUEST_0_TAXAMT0"];
$L_PAYMENTREQUEST_0_ITEMURL0 = $_POST["L_PAYMENTREQUEST_0_ITEMURL0"];
//Item 2
$L_PAYMENTREQUEST_0_NAME1 = $_POST["L_PAYMENTREQUEST_0_NAME1"];
$L_PAYMENTREQUEST_0_DESC1 = $_POST["L_PAYMENTREQUEST_0_DESC1"];
$L_PAYMENTREQUEST_0_AMT1 = $_POST["L_PAYMENTREQUEST_0_AMT1"];
$L_PAYMENTREQUEST_0_NUMBER1 = $_POST["L_PAYMENTREQUEST_0_NUMBER1"];
$L_PAYMENTREQUEST_0_QTY1 = $_POST["L_PAYMENTREQUEST_0_QTY1"];
$L_PAYMENTREQUEST_0_ITEMCATEGORY1 = $_POST["L_PAYMENTREQUEST_0_ITEMCATEGORY1"];
//Informacoes Adicionais para o item 2
$L_PAYMENTREQUEST_0_TAXAMT1 = $_POST["L_PAYMENTREQUEST_0_TAXAMT1"];
$L_PAYMENTREQUEST_0_ITEMURL1 = $_POST["L_PAYMENTREQUEST_0_ITEMURL1"];
//Dados do Comprador
$PAYMENTREQUEST_0_SHIPTOSTREET = $_POST["PAYMENTREQUEST_0_SHIPTOSTREET"];
$PAYMENTREQUEST_0_SHIPTOSTREET2 = $_POST["PAYMENTREQUEST_0_SHIPTOSTREET2"];
$PAYMENTREQUEST_0_SHIPTOCITY = $_POST["PAYMENTREQUEST_0_SHIPTOCITY"];
$PAYMENTREQUEST_0_SHIPTOZIP = $_POST["PAYMENTREQUEST_0_SHIPTOZIP"];
$PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE = $_POST["PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE"];
$ADDROVERRIDE = $_POST["ADDROVERRIDE"];
$PAYMENTREQUEST_0_SHIPTOSTATE = $_POST['PAYMENTREQUEST_0_SHIPTOSTATE'];


$_SESSION['USER'] = $USER;
$_SESSION['PWD'] = $PWD;
$_SESSION['SIGNATURE'] = $SIGNATURE;
$_SESSION['ENDPOINT'] = $ENDPOINT;
$_SESSION['PAYMENTREQUEST_0_PAYMENTACTION'] = $PAYMENTREQUEST_0_PAYMENTACTION;
$_SESSION['SUBJECT'] = $SUBJECT;


$nvp = array(
    'METHOD' => $METHOD,
    'HDRIMG' => $HDRIMG,
    'PAYMENTREQUEST_0_PAYMENTACTION' => $PAYMENTREQUEST_0_PAYMENTACTION,
    'VERSION' => $VERSION,
    'USER' => $_SESSION['USER'],
    'PWD' => $_SESSION['PWD'],
    'SIGNATURE' => $_SESSION['SIGNATURE'],
    'RETURNURL' => $RETURNURL,
    'CANCELURL' => $CANCELURL,
    'LOCALECODE' => $LOCALECODE,
    'SUBJECT' => $SUBJECT,
    'LANDINGPAGE' => $LANDINGPAGE,
    'PAYMENTREQUEST_0_CURRENCYCODE' => $PAYMENTREQUEST_0_CURRENCYCODE,
    'PAYMENTREQUEST_0_AMT' => $PAYMENTREQUEST_0_AMT,
    'PAYMENTREQUEST_0_ITEMAMT' => $PAYMENTREQUEST_0_ITEMAMT,
    'PAYMENTREQUEST_0_TAXAMT' => $PAYMENTREQUEST_0_TAXAMT,
    'PAYMENTREQUEST_0_SHIPPINGAMT' => $PAYMENTREQUEST_0_SHIPPINGAMT,
    'PAYMENTREQUEST_0_DESC' => $PAYMENTREQUEST_0_DESC,
    'PAYMENTREQUEST_0_CUSTOM' => $PAYMENTREQUEST_0_CUSTOM,
    'PAYMENTREQUEST_0_INVNUM' => $PAYMENTREQUEST_0_INVNUM,
    'L_PAYMENTREQUEST_0_NAME0' => $L_PAYMENTREQUEST_0_NAME0,
    'L_PAYMENTREQUEST_0_DESC0' => $L_PAYMENTREQUEST_0_DESC0,
    'L_PAYMENTREQUEST_0_AMT0' => $L_PAYMENTREQUEST_0_AMT0,
    'L_PAYMENTREQUEST_0_NUMBER0' => $L_PAYMENTREQUEST_0_NUMBER0,
    'L_PAYMENTREQUEST_0_QTY0' => $L_PAYMENTREQUEST_0_QTY0,
    'L_PAYMENTREQUEST_0_ITEMCATEGORY0' => $L_PAYMENTREQUEST_0_ITEMCATEGORY0,
    'L_PAYMENTREQUEST_0_TAXAMT0' => $L_PAYMENTREQUEST_0_TAXAMT0,
    'L_PAYMENTREQUEST_0_ITEMURL0' => $L_PAYMENTREQUEST_0_ITEMURL0,
    'L_PAYMENTREQUEST_0_NAME1' => $L_PAYMENTREQUEST_0_NAME1,
    'L_PAYMENTREQUEST_0_DESC1' => $L_PAYMENTREQUEST_0_DESC1,
    'L_PAYMENTREQUEST_0_AMT1' => $L_PAYMENTREQUEST_0_AMT1,
    'L_PAYMENTREQUEST_0_NUMBER1' => $L_PAYMENTREQUEST_0_NUMBER1,
    'L_PAYMENTREQUEST_0_QTY1' => $L_PAYMENTREQUEST_0_QTY1,
    'L_PAYMENTREQUEST_0_ITEMCATEGORY1' => $L_PAYMENTREQUEST_0_ITEMCATEGORY1,
    'L_PAYMENTREQUEST_0_TAXAMT1' => $L_PAYMENTREQUEST_0_TAXAMT1,
    'L_PAYMENTREQUEST_0_ITEMURL1' => $L_PAYMENTREQUEST_0_ITEMURL1,
    'PAYMENTREQUEST_0_SHIPTOSTREET' => $PAYMENTREQUEST_0_SHIPTOSTREET,
    'PAYMENTREQUEST_0_SHIPTOSTREET2' => $PAYMENTREQUEST_0_SHIPTOSTREET2,
    'PAYMENTREQUEST_0_SHIPTOCITY' => $PAYMENTREQUEST_0_SHIPTOCITY,
    'PAYMENTREQUEST_0_SHIPTOZIP' => $PAYMENTREQUEST_0_SHIPTOZIP,
    'PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE' => $PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE,
    'PAYMENTREQUEST_0_SHIPTOSTATE' => $PAYMENTREQUEST_0_SHIPTOSTATE,
    'ADDROVERRIDE' => $ADDROVERRIDE
);

$curl = curl_init();

curl_setopt($curl, CURLOPT_URL, $_SESSION['ENDPOINT']);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($curl, CURLOPT_SSLCERT, $certpath);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($nvp));

$response = urldecode(curl_exec($curl));

$responseNvp = array();

curl_close($curl);


if (preg_match_all('/(?<name>[^\=]+)\=(?<value>[^&]+)&?/', $response, $matches)) {
    foreach ($matches['name'] as $offset => $name) {
        $responseNvp[$name] = $matches['value'][$offset];
    }
}

if (isset($responseNvp['ACK']) && $responseNvp['ACK'] == 'Success') {
    $paypalURL = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
    $query = array(
        'cmd' => '_express-checkout',
        'token' => $responseNvp['TOKEN']
    );

    header('Location: ' . $paypalURL . '?' . http_build_query($query));
    
} else {
    echo '<p>Request</p>';
    echo '<pre>';
    print_r($nvp);
    echo '</pre>';
    echo '<p>Response</p>';
    echo '<pre>';
    print_r($responseNvp);
    echo '</pre>';
}
